CVE-2020-11530
CVE-2020-11530
A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin. The vulnerability is introduced in the id GET parameter supplied to get_script/index.php, and allows an attacker to execute arbitrary SQL queries in the context of the WP database user.
Affected products
n/a · n/apublic PoCs found — 3
cve_referencepacketstormsecurity.com/files/157607/WordPress-ChopSlider-3-SQL-Injection.htmlunverifiedcve_referencepacketstormsecurity.com/files/157655/WordPress-ChopSlider3-3.4-SQL-Injection.htmlunverifiedexploitdbwww.exploit-db.com/exploits/48457unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://packetstormsecurity.com/files/157607/WordPress-ChopSlider-3-SQL-Injection.htmlhttp://packetstormsecurity.com/files/157655/WordPress-ChopSlider3-3.4-SQL-Injection.htmlhttp://seclists.org/fulldisclosure/2020/May/26https://github.com/idangerous/Plugins/tree/master/Chop%20Slider%203https://idangero.us/